CVE ID :CVE-2026-55202 Published : June 17, 2026, 7:13 p.m. | 1 hour, 55 minutes ago Description :Tinyproxy through 1.11.3, fixed in commit 09312a1, fails to properly validate the Host header during stathost detection, allowing unauthenticated attackers to access the stats page by injecting a...

#Sicherheitslücke #Update

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-55202 - Tinyproxy - Stathost Detection Bypass via Host Header Manipulation

VERWANDTEARTIKEL

CVE-2026-12530 - Improper neutralization of argument delimiters in AWS Bedrock AgentCore Python SDK install_packages()

CVE-2026-11407 - Pimcore CMS 12.3.8 Twig Sandbox Bypass via SecurityPolicy checkMethodAllowed

CVE-2026-50107 - NGINX Gateway Fabric vulnerability

CVE-2026-54388 - Tinyproxy - HTTP Request Smuggling via Duplicate Content-Length Headers

CVE-2026-54387 - Tinyproxy - HTTP Request Smuggling via CL/TE Desynchronization

CVE-2026-55200 - libssh2 - Out-of-Bounds Write via Unchecked packet_length in transport.c